From de219480fb4613b3d9f31c15fb7af266f456e1e7 Mon Sep 17 00:00:00 2001
From: kink <kink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Date: Sat, 14 Jul 2007 18:04:09 +0000
Subject: [PATCH] use PAGE_NAME rather than PHP_SELF in
 session_expired_location

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@12536 7612ce4b-ef26-0410-bec9-ea0150e637f0
---
 functions/auth.php | 8 +++-----
 src/redirect.php   | 8 ++++----
 2 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/functions/auth.php b/functions/auth.php
index de11da7d..11a484fe 100644
--- a/functions/auth.php
+++ b/functions/auth.php
@@ -21,8 +21,8 @@
  *
  * Function is similar to is_logged_in() function. If user is logged in, function
  * returns true. If user is not logged in or session is expired, function saves $_POST
- * and $PHP_SELF in session and returns false. POST information is saved in
- * 'session_expired_post' variable, PHP_SELF is saved in 'session_expired_location'.
+ * and PAGE_NAME in session and returns false. POST information is saved in
+ * 'session_expired_post' variable, PAGE_NAME is saved in 'session_expired_location'.
  *
  * Script that uses this function instead of is_logged_in() function, must handle user
  * level messages.
@@ -36,10 +36,8 @@ function sqauth_is_logged_in() {
 
 	//  First we store some information in the new session to prevent
 	//  information-loss.
-	sqGetGlobalVar('PHP_SELF', $PHP_SELF, SQ_SERVER);
-
 	$session_expired_post = $_POST;
-	$session_expired_location = $PHP_SELF;
+	$session_expired_location = PAGE_NAME;
 	if (!sqsession_is_registered('session_expired_post')) {
 	    sqsession_register($session_expired_post,'session_expired_post');
 	}
diff --git a/src/redirect.php b/src/redirect.php
index de887763..ae1fedf6 100644
--- a/src/redirect.php
+++ b/src/redirect.php
@@ -144,14 +144,14 @@ $redirect_url = $location . '/webmail.php';
 
 if ( sqgetGlobalVar('session_expired_location', $session_expired_location, SQ_SESSION) ) {
     sqsession_unregister('session_expired_location');
-    if ( strpos($session_expired_location, 'compose.php') !== FALSE ) {
+    if ( $session_expired_location == 'compose' ) {
         $compose_new_win = getPref($data_dir, $username, 'compose_new_win', 0);
         if ($compose_new_win) {
-            // do not prefix $location here because $session_expired_location is set to PHP_SELF
+            // do not prefix $location here because $session_expired_location is set to the PAGE_NAME
             // of the last page
-            $redirect_url = $session_expired_location;
+            $redirect_url = $session_expired_location.'.php';
         } else {
-            $redirect_url = $location.'/webmail.php?right_frame='.urlencode($session_expired_location);
+            $redirect_url = $location.'/webmail.php?right_frame='.urlencode($session_expired_location).'php';
         }
     }
     unset($session_expired_location);
-- 
2.25.1